Upload
others
View
6
Download
0
Embed Size (px)
Citation preview
Copyright © 2015 Comex Electronics AB
Compromising emanations analysis The invisible threat to information security
Comex Electronics AB
Johan Anstrell
Manager Comex International
Copyright © 2015 Comex Electronics AB
Definition of compromising emanations
“Compromising emanations are defined as unintentional intelligence-bearing signals which, if intercepted and analyzed, may disclose the information transmitted, received, handled, or otherwise processed by any information-processing equipment.
Compromising emanations consist of electrical, mechanical, or acoustical energy intentionally or by mishap unintentionally emitted by any number of sources within equipment/systems which process national security information.”
[From Wikipedia, the free encyclopedia]
Comex Electronics AB
Copyright © 2015 Comex Electronics AB
Electrical aspect of compromising emanations
• All electric equipment generates unintentional electromagnetic signals that are radiated from the equipment.
• These signals can contain secret information!
• These signals can be transmitted through:
– The air
– Water pipes
– Electrical conduits
– Ventilation system
– Etc.
• The defence standard handling this aspect is:
– TEMPEST (NATO countries)
– RÖS (Sweden)
Comex Electronics AB
Copyright © 2015 Comex Electronics AB
Example of electromagnetic signals
Comex Electronics AB
Copyright © 2015 Comex Electronics AB
Available sources in IT systems
• A computer radiates several information carrying signals, generated by for example:
– Screen
– Keyboard
– Hard drive
– Etc.
• Peripherals like printers, scanners etc. also radiates information carrying signals.
• An attacker can eavesdrop on these signals and re-create the original information without the knowledge of the user.
Comex Electronics AB
Copyright © 2015 Comex Electronics AB
Signal recording and analysis
• There are two different approaches:
– Real-time analysis of detected signals
– Recording signals for post-collection data analysis
• During the analysis, signals from equipment such as computers can be separated due to the differences in clock frequencies.
• You do not need a laboratory to record and analyze the signals. All you need is:
Comex Electronics AB
Raider II from SystemWare-Europé Ltd
Copyright © 2015 Comex Electronics AB
Protection against compromising emanations
• What about encryption?
– Only protects the information during transport or storage – not during modification or displaying situations.
• There are only two options for protecting against compromising emanations:
– Use of shielded rooms
⁺ You can securely use any type of equipment
⁺ Easy to update equipment
– Expensive to build
– Stationary solution
– Not user friendly
– Use of protected equipment
⁺ User friendly solution
⁺ Flexible solution, easy to change location
– You must use approved equipment
Comex Electronics AB
Copyright © 2015 Comex Electronics AB
Examples of protected products
Comex® Notebook Comex® Tower Comex® Screen Client Comex® Scanner
Comex BioSec Reader® Comex® Colour Printer Comex® Laser Printer Comex® Secure Cabinet
Comex Electronics AB
Copyright © 2015 Comex Electronics AB
Closing remarks
• Everyone uses firewalls
• You can detect if someone hacked your system:
• How far did they get?
• What type of information were compromised?
→ You can act accordingly
• Analysis of compromising emanations is an invincible threat
that does not leave a trace – you do not know if you are
attacked!
Comex Electronics AB
Copyright © 2015 Comex Electronics AB
For more information visit our website…
www.comex.se/
Comex Electronics AB